Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SW0QP9iGTM_5g19APlQxrlo85-4.roa
File: SW0QP9iGTM_5g19APlQxrlo85-4.roa (raw, json)
Hash identifier: Xm7eP2Qz56NQdRlcLev5ShBCajQOc4vp08vGnDqZjzk=
Subject key identifier: 49:6D:10:3F:D8:86:4C:CF:F9:83:5F:40:3E:54:31:AE:5A:3C:E7:EE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01942825041FC16E9A7EF98D4E7BB3AECE18
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SW0QP9iGTM_5g19APlQxrlo85-4.roa
Signing time: Thu 02 Jan 2025 17:51:41 +0000
ROA not before: Thu 02 Jan 2025 17:51:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207713
IP address blocks: 194.87.31.0/24 maxlen: 24
194.87.45.0/24 maxlen: 24
194.87.71.0/24 maxlen: 24
194.87.216.0/24 maxlen: 24
194.87.218.0/24 maxlen: 24
195.133.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 14:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:04:1f:c1:6e:9a:7e:f9:8d:4e:7b:b3:ae:ce:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 17:51:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=496d103fd8864ccff9835f403e5431ae5a3ce7ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:49:fd:0d:49:0e:c4:20:61:0b:20:26:d2:6b:
e3:53:58:5e:93:61:54:80:04:d3:23:4f:bc:75:e2:
fc:bf:02:c0:57:65:c2:6d:9f:96:d0:c3:e8:86:43:
78:aa:2b:6d:7a:ef:cb:f0:26:35:52:c0:c1:7c:6e:
09:68:aa:4b:a8:b2:2f:71:19:bd:67:03:e7:cd:ae:
e8:b8:04:58:3a:16:79:f3:48:2a:40:16:d0:9c:6d:
88:56:ca:4a:00:17:33:45:0c:63:a3:7b:1c:5d:e9:
30:c5:bb:6e:d7:cd:fc:2d:f4:7e:56:fa:69:f7:ce:
2b:71:f1:95:38:cf:5d:a2:c8:00:4e:54:e2:33:bf:
dd:44:60:8e:19:6b:05:fa:37:da:b5:6d:29:4e:61:
aa:88:68:09:4c:50:1d:0e:6f:17:55:0d:5a:6b:4c:
fe:cd:5f:09:9c:dc:f9:f3:99:99:14:95:c5:84:64:
9b:14:0c:b7:0d:fd:48:1d:19:23:35:7d:d4:9b:e3:
d9:8b:1e:2b:7e:92:eb:3f:75:84:30:bc:f4:79:11:
fc:50:09:e0:64:aa:06:25:45:13:c0:fa:7d:9a:9a:
bf:6d:72:7d:35:9c:3f:2e:60:71:bc:52:c8:2e:a1:
42:99:0c:7b:82:a9:6a:b6:5c:b2:46:7b:60:92:d9:
c0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:6D:10:3F:D8:86:4C:CF:F9:83:5F:40:3E:54:31:AE:5A:3C:E7:EE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SW0QP9iGTM_5g19APlQxrlo85-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.31.0/24
194.87.45.0/24
194.87.71.0/24
194.87.216.0/24
194.87.218.0/24
195.133.88.0/24
Signature Algorithm: sha256WithRSAEncryption
86:53:6e:0b:7f:52:0e:26:48:47:3c:d4:f1:48:3e:cc:a3:13:
24:12:4c:c3:ab:02:5f:7d:0e:c0:9a:4f:0e:5b:d5:d6:d6:be:
20:a6:90:6c:89:5a:5b:96:6e:59:7b:1d:47:10:08:28:b3:60:
98:a0:91:70:e9:24:f8:cb:5a:ed:5f:df:1f:9f:d5:86:84:33:
24:d1:e8:32:97:ed:4f:2c:a9:f7:1d:c6:0f:53:83:44:bc:3a:
aa:d2:ea:20:5c:da:8e:f0:8a:34:5d:b6:16:91:54:54:d8:4e:
42:b5:90:09:33:f4:b4:1c:d5:63:4d:c5:07:43:16:48:33:92:
d3:8a:d8:55:5e:db:70:87:81:fa:30:cb:4e:eb:f4:f6:6d:87:
31:0a:c5:84:74:c0:d3:1a:cd:51:4b:cf:8c:25:59:dc:51:8d:
c1:c9:b0:ec:d6:c8:b7:f8:90:56:48:d9:9d:0e:26:8d:32:c4:
a8:ed:f1:64:9e:65:02:b6:27:c7:69:ee:dd:c7:22:fd:f0:52:
08:9a:a3:3b:ae:16:fb:52:fc:4b:39:6c:3e:75:79:7d:53:34:
ea:32:5c:10:b0:04:50:ba:56:1e:70:4f:0d:43:e4:7c:7e:f4:
ed:26:46:06:e0:bc:7d:68:7d:77:e4:2f:b0:15:18:c2:85:da:
21:c7:18:22
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQoJQQfwW6afvmNTnuzrs4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTAyMTc1MTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTZkMTAzZmQ4ODY0Y2NmZjk4MzVmNDAzZTU0MzFhZTVhM2NlN2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUn9DUkOxCBhCyAm0mvjU1hek2FU
gATTI0+8deL8vwLAV2XCbZ+W0MPohkN4qitteu/L8CY1UsDBfG4JaKpLqLIvcRm9
ZwPnza7ouARYOhZ580gqQBbQnG2IVspKABczRQxjo3scXekwxbtu1838LfR+Vvpp
984rcfGVOM9dosgATlTiM7/dRGCOGWsF+jfatW0pTmGqiGgJTFAdDm8XVQ1aa0z+
zV8JnNz585mZFJXFhGSbFAy3Df1IHRkjNX3Um+PZix4rfpLrP3WEMLz0eRH8UAng
ZKoGJUUTwPp9mpq/bXJ9NZw/LmBxvFLILqFCmQx7gqlqtlyyRntgktnASQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEltED/YhkzP+YNfQD5UMa5aPOfuMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU1cwUVA5aUdUTV81ZzE5QVBsUXhybG84NS00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwlcfAwQA
wlctAwQAwldHAwQAwlfYAwQAwlfaAwQAw4VYMA0GCSqGSIb3DQEBCwUAA4IBAQCG
U24Lf1IOJkhHPNTxSD7MoxMkEkzDqwJffQ7Amk8OW9XW1r4gppBsiVpblm5Zex1H
EAgos2CYoJFw6ST4y1rtX98fn9WGhDMk0egyl+1PLKn3HcYPU4NEvDqq0uogXNqO
8Io0XbYWkVRU2E5CtZAJM/S0HNVjTcUHQxZIM5LTithVXttwh4H6MMtO6/T2bYcx
CsWEdMDTGs1RS8+MJVncUY3BybDs1si3+JBWSNmdDiaNMsSo7fFknmUCtifHae7d
xyL98FIImqM7rhb7UvxLOWw+dXl9UzTqMlwQsARQulYecE8NQ+R8fvTtJkYG4Lx9
aH135C+wFRjChdohxxgi
-----END CERTIFICATE-----
Generated at Sat Apr 12 00:46:26 2025 by rpki-client